Prepare Your Network for BYOD
Meraki Webinar Series
Post on 22-Jun-2018
Agenda
Introduction to Meraki and Cloud Networking
BYOD objectives
Taming BYOD: capacity, security & management
– Design considerations
– Live demos
Product line & pricing
Q&A
Click on this link to attend any Cisco Meraki live webinar and Cisco will send qualified attendees a free Meraki Wi-Fi Access
Point (AP) with a 3-year cloud management license - a $699 MSRP value free.
. . . or click on this personalized referral link for the current schedule for all the live webinars and recorded sessions.
2013
About Meraki, part of Cisco
Leader in cloud networking: 20,000+ customer networks deployed
– Initial technology developed at MIT - tradition of innovation and R&D
Cloud-managed edge and branch networking portfolio
– Complete line of wireless, switching, security, WAN optimization,
and mobile device management products
Now the Cisco Cloud Networking Group
– Increase investment in Meraki technology (grow team, R&D)
– Utilize Cisco’s reach to bring Meraki to new markets
– No changes planned to product roadmap, licenses, etc.
Trusted by thousands of customers worldwide:
Recognized for innovation
Trusted by thousands of customers: education, professional services, healthcare, retail, government, industrial & manufacturing, hospitality
Visionary, Magic Quadrant for Wireless LAN
Winner, Mobility and Wireless Product of the Year
Technology Pioneer Award Winner, Best Product
Wireless Solution
Customer success across all industries
K-12
Enterprise
Healthcare
Hospitality
Retail
Industrial
Government
Higher Ed
Apple: First 6 Quarters Cumulative Unit Shipments
[Chart: cumulative unit shipments for iPad, iPhone and iPod]
Source: Apple as of Q2:11 (6 quarters, post iPad launch)
Apple vs. Android: First 11 Quarters
[Chart: series for Android, Apple and iOS (all)]
Source: Gartner, Morgan Stanley Research, as of Q2:11
Networking challenges
New devices, high-bandwidth web apps, access everywhere
Creating new challenges for IT:
“How do I support 10x more devices with a fixed staff?”
“Can users securely bring their own devices?”
“How do I keep BitTorrent from slowing down web apps?”
Cloud increases IT efficiency
Turnkey installation and management
Integrated, always up to date features
Scales from small branches to large networks
Reduces operational costs
Manageability, scalability, cost savings
Bringing the cloud to enterprise networks
Meraki MS: Ethernet Switches
Meraki SM: Mobile Device Management
Meraki MR: Wireless LAN
Meraki MX: Security Appliances
BYOD objectives
• Satisfy end-user demand
• Maintain security, visibility and control
• Preserve network reliability and end-user experience
• Minimize IT burden
“iPad has changed the way this firm practices law. And I think it’s changed the practice of law in general.”
James Goodnow, Director, Fennemore Craig
Key BYOD design considerations
Security, capacity, management
100% integrated, without cost or complexity
Security
• Goal: prevent viruses, unauthorized data access
• First, follow wireless security best practices
• Augment with BYOD-specific strategies
– Layer 7 device fingerprinting
– NAC/Antivirus Scan
– Segment corporate and BYOD devices
Wireless security best practices
• Segment classes of users
– Separate SSIDs for guests, employees
– Identity-based policy firewall
• Encrypt wireless traffic
– WPA2 PSK or Enterprise
• Detect and mitigate rogue APs
Layer 7 device fingerprinting
• Gleans identifying signatures from network traffic
• Zero-configuration
• Automatic updates to handle new devices
• Fully integrated with NAC and device-based policy firewall
Corporate and employee device separation
Three strategies:
• Equal access for all devices
– Appropriate for many environments: education, corporate, etc.
– Simple for users and IT
– Optionally control access based on user identity
• Use Internet-only guest access SSID for employee devices
– Isolate LAN resources from employee devices
– May not satisfy end-user requirements
• Fine-grained access control restrictions for employee-owned devices
– Most flexible
“I already authenticate users with 802.1X. Should I restrict access based on the authenticated user’s device?”
Isolated SSID for BYOD
• Strategy: isolated virtual network for BYOD
– Prevent or restrict LAN access
– May double as guest (non-employee) network
– Protect network for company-owned devices via MAC whitelist or 802.1X/EAP-TLS
• Pro: secure, easy to configure and understand
• Con: user has to think before connecting
Apply policies by device type
• Example device-based policies:
– Corporate-issued laptops: full access
– iPads: email servers + Internet
– CEO’s iPad: email, ERP, Internet
– Smartphones, netbooks etc: Internet-only
Meraki Firewall (built into AP):
• Classify devices (Layer 7)
• Apply rules based on user or device type:
– VLAN tag
– Firewall rules/ACLs
– Bandwidth limits
Layer 7 application traffic shaping
• Monitor bandwidth usage by application
• Limit or block unwanted recreational traffic
• L7 shaping controls peer to peer, encrypted, & evasive apps
RF capacity planning
• Deploy 802.11n
– Higher throughput, up to 900 Mbps
– More resilient against interference
• Deploy dual-concurrent APs
– Independent 2.4 and 5 GHz radios
– Prevents smartphones from slowing down iPads and laptops
– Band steering: improves iPad performance, reduces crowding on low-power 2.4 GHz devices (supported by all Meraki dual-radio APs)
• Test for weak devices
– Use APs with high receive sensitivity (all Meraki APs)
– Add APs as needed
Meraki APs built to handle 100+ devices
Visibility into BYOD network
• Identify applications, users, and devices
• Classify encrypted and P2P apps (Skype, BitTorrent etc.)
• Real-time search and historical reporting
Control devices, users, applications
Apply access control policies
Identify and block unwanted users, devices, and applications
Automate maintenance for dynamic environments
Mitigate dynamic RF environments with cloud-based RF optimization
Respond to new devices and applications with seamless over-the-web firmware upgrades (user-scheduled)
Network-wide visibility and control
Built-in multi site management
Integrated wireless, switching, WAN and security
Systems Manager
Key features:
– Deploy applications
– Set restrictions and security policies
– Monitor hardware and software vitals
Easy to deploy
– Uses native iOS facilities, Android app, or lightweight installer for Mac/PC
100% free for anyone
– Supports up to thousands of devices
Cloud managed 802.11n wireless LAN
5 access point models
– Indoor, rugged/outdoor
– 802.11n up to 900 Mbps
– Ultra-high performance and value-priced models
Enterprise-class hardware
– Lifetime warranty for indoor APs
– 802.3af Power over Ethernet
– Voice, video optimization
Fully integrated features
– Traffic shaping, mesh, NAC, guest access, device management…
Cloud managed security appliances
6 versatile models
– Scale from small sites to large campuses
Complete networking and security
– Stateful firewall
– Site to site and client VPN
– Link balancing and failover (including 3G/4G)
L7 application control
– Traffic shaping
– NG application firewall
– Content filtering (CIPA-compliant)
– WAN optimization
Cloud managed switches
Managed access switches in 4 models
– 24 and 48 port, with PoE available
– Gigabit with 10 GbE uplinks
Enterprise-class performance and reliability
– Lifetime warranty
– 802.3af/at PoE on all ports
– Voice, video QoS
Centrally managed from the cloud
– Visibility and control over thousands of ports
– Built-in monitoring, cable testing, and alerts
Try Meraki for free
• Try Meraki on your network
• Sets up in 15 minutes
• Technical support available at no cost
Free trials available at meraki.com/eval
For more information and discount pricing quotations for your project,
contact 1 PC Network, your authorized Cisco Meraki Elevate Partner.
Click here to Register Your New Meraki Projects.
Qualify for Important Extra Cisco Discounts.
1 PC Network Inc.
3675 S. Rainbow Blvd #107-374
Las Vegas, NV 89103-1059
Phone: +1-800-965-8499 Toll Free, USA
+1-702-949-6077 Las Vegas, NV, USA